Running Windows XP.
In safe mode w/ network, it won't let me update MBAM. When I run it without updating it gives me 1 virus that it tries to restart to remove, but when restarting (either normally or in safe mode) it has not removed it.
Ran SuperAntiSpyware. It let me update that in safe mode w/ network, gave me 498 tracking cookies, and 3 under "Disabled.TaskManager." I am currently running this again to see what it removed.
I have not yet run avast, though my boss did earlier and he said that it also kept coming up with one file that it could not remove.
I tried running rkill in safe mode, but it brought up that it stopped no processes.
When looking at the computer in either regular or safemode, it appears that everything in "My Documents" and all of our desktop documents (but not computer programs) are gone. Yet when I ran the SuperAntiSpyware I could see it going through files that are supposedly MIA, so I guess they're just being hidden somehow?
I believe this started last night via a fake spyware pop-up that an evening employee had clicked on thinking it was real. **sigh**
Any help would be great. Thank you! The BleepingComputer staff always rocks!!
Edit: the title of this post (and the name of the virus according to MBAM, should be "PUM.Hijack.TaskManager" NOT "PUM.Hijack.Task.Manager" I apologize for incorrectly typing that.
Edited by SisM, 21 June 2011 - 02:16 PM.